What encoding is used for the keys when using `ssh-keygen -t rsa`?

When I run:

ssh-keygen -t rsa

to generate a public/private key pair in files e.g. id_rsa.pub and id_rsa, my understanding is that the public key encodes a prime number p, and the private key encodes a number pq. But when I open these files I don’t see human-readable numbers, I see sequences of characters. So my question is simply: what am I looking at? Are these characters directly mappable to numbers and, if so, by what convention/algorithm/encoding?

ssl openssh

asked Jan 5 at 20:25

Anastasius Vivaldus

An RSA keypair generates two primes (p and q) and their product n = pq. The public key consists of n and e, the public exponent; the private key must include n and d, the private exponent, but in practice also include p, q, and several additional numbers. See en.wikipedia.org/wiki/RSA_%28cryptosystem%29#Key_generation .

– dave_thompson_085 Jan 6 at 0:03

Computers only store numbers as ASCII digits if humans need to read them, otherwise more space efficient methods are available. The Base64 is a mapping onto visible ASCII characters so they could go through any kind of ASCII-based (7-bit) mail system without being distorted.

– Thorbjørn Ravn Andersen Jan 6 at 1:21

1 Answer


The SSL keys (private and public) are usually stored in the so-called PEM format.

Privacy-Enhanced Mail (PEM) is a de facto file format for storing and
sending cryptographic keys, certificates, and other data, based on a
set of 1993 IETF standards defining “privacy-enhanced mail.” While the
original standards were never broadly adopted, and were supplanted by
PGP and S/MIME, the textual encoding they defined became very popular.
The PEM format was eventually formalized by the IETF in RFC 7468.

This format is actually a header, then base64-encoded binary data, and a footer.

Base64 is a group of similar binary-to-text encoding schemes that
represent binary data in an ASCII string format by translating it into
a radix-64 representation. The term Base64 originates from a specific
MIME content transfer encoding. Each Base64 digit represents exactly 6
bits of data. Three 8-bit bytes (i.e., a total of 24 bits) can
therefore be represented by four 6-bit Base64 digits.

For ssh keys, please check the following from dave_thompson_085's comments:

Note ssh-keygen uses (several) PEM formats but never the one(s) in
7468. In the past for RSA it defaulted to OpenSSL’s two ‘traditional’
(aka ‘legacy’) formats, either unencrypted which is 7468-like except
containing PKCS1, or password-encrypted which is 1421-like with
Proc-type and DEK-Info and base64 of encrypted PKCS1, but not
7468-like. Since 7.8 it defaults to OpenSSH’s own ‘new format’
(previously invoked by option -o) which is 7468-like but the contents
are entirely different (XDR-style not ASN.1). There are numerous Qs
about these already on several Stacks.

OpenSSH public key formats are never PEM (although commercial ‘SSH2’
sort-of are), just base64 of SSH wire format. And I was recently
reminded this Q/A covers the private key formats quite thoroughly

edited Jan 9 at 9:43

answered Jan 5 at 20:48

Romeo Ninov

Note ssh-keygen uses (several) PEM formats but never the one(s) in 7468. In the past for RSA it defaulted to OpenSSL’s two ‘traditional’ (aka ‘legacy’) formats, either unencrypted which is 7468-like except containing PKCS1, or password-encrypted which is 1421-like with Proc-type and DEK-Info and base64 of encrypted PKCS1, but not 7468-like. Since 7.8 it defaults to OpenSSH’s own ‘new format’ (previously invoked by option -o) which is 7468-like but the contents are entirely different (XDR-style not ASN.1). There are numerous Qs about these already on several Stacks.

– dave_thompson_085 Jan 6 at 0:08

@dave_thompson_085, thank you for the clarification. May I quote your comment in my answer?

– Romeo Ninov Jan 6 at 6:01

Soitenly; you don’t really need to ask, as Stack is always CC-BY-SA+attribution but I’m happy to confirm that. I forgot to add that OpenSSH public key formats are never PEM (although commercial ‘SSH2’ sort-of are), just base64 of SSH wire format. And I was recently reminded security.stackexchange.com/questions/39279/… covers the private key formats quite thoroughly.

– dave_thompson_085 Jan 9 at 9:39
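
The public-key half of what the comments above describe, as an added example that is not part of the original thread: an OpenSSH `.pub` line is a type name, the base64 of an SSH wire-format blob, and a comment, and for RSA the blob holds three length-prefixed fields (the string `ssh-rsa`, then e, then n). The function names and the toy modulus are constructed for illustration; the key is far too small for real use.

```python
import base64
import struct

# Constructed sample values: a toy modulus built from two Mersenne primes.
TOY_P = 2**127 - 1
TOY_Q = 2**89 - 1
TOY_E = 65537


def put_string(data):
    """SSH wire 'string': uint32 big-endian length, then the raw bytes."""
    return struct.pack(">I", len(data)) + data


def put_mpint(value):
    """SSH wire 'mpint': big-endian two's complement inside a 'string'.
    A positive number whose top bit is set gets a leading 0x00 byte."""
    if value < 0:
        raise ValueError("RSA parameters are never negative")
    if value == 0:
        return put_string(b"")
    return put_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))


def make_rsa_public_line(e, n, comment):
    """Build an id_rsa.pub style line: type, base64(blob), comment."""
    blob = put_string(b"ssh-rsa") + put_mpint(e) + put_mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " " + comment


def read_fields(blob):
    """Split a wire-format blob into its length-prefixed fields."""
    fields, offset = [], 0
    while offset < len(blob):
        if offset + 4 > len(blob):
            raise ValueError("truncated length prefix")
        (length,) = struct.unpack_from(">I", blob, offset)
        offset += 4
        if offset + length > len(blob):
            raise ValueError("field runs past the end of the blob")
        fields.append(blob[offset:offset + length])
        offset += length
    return fields


def parse_rsa_public_line(line):
    """Recover the integers e and n from an 'ssh-rsa AAAA... comment' line."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    fields = read_fields(blob)
    if len(fields) != 3 or fields[0] != b"ssh-rsa" or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key")
    e = int.from_bytes(fields[1], "big", signed=True)
    n = int.from_bytes(fields[2], "big", signed=True)
    if e <= 0 or n <= 0:
        raise ValueError("exponent and modulus must be positive")
    return {
        "e": e,
        "n": n,
        "bits": n.bit_length(),
        "comment": parts[2].strip() if len(parts) > 2 else "",
    }


if __name__ == "__main__":
    line = make_rsa_public_line(TOY_E, TOY_P * TOY_Q, "toy@example")
    print(line)
    key = parse_rsa_public_line(line)
    print("e    =", key["e"])
    print("n    =", key["n"])
    print("bits =", key["bits"])
```

The same `parse_rsa_public_line` works on a real `id_rsa.pub` line; the familiar `AAAAB3NzaC1yc2E` prefix is simply the base64 of the length-prefixed string `ssh-rsa`.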
